A new report from CrowdStrike has found cyberattacks are getting faster, with breakout times down to an average of 62 minutes compared to an average of 84 minutes in 2023.
34 new threat actors have also joined the cyber scene, with a total of over 230 individual threat actors now tracked by the company.
A new record breakout time was also recorded at just two minutes and seven seconds to jump from an infected host to another hose within the network.
Hackers are following their targets into the cloud
The report highlights the rapid increase in the speed of attacks and the use of AI assistance is “driving a tectonic shift in the security landscape and the world.”
The human factor has increasingly become the main source of entry for threat actors, with interactive intrusions and hands-on-keyboard attacks increasing by 60%. Many threat actors have increased their use of social engineering and phishing campaigns to gain abusable credentials, and ultimately access to their target’s environment.
As businesses continue their journey towards the cloud, threat actors have followed, with cloud intrusions increasing by 75% since last year. Threat actors are also seeking greater knowledge of the cloud itself, with the exploitation of cloud unique features experiencing a 110% increase.
Threat actors are sowing further disruption by exploiting trusted relationships to compromise supply chains, allowing the actor to “cast a wide net” in its victim selection. CrowdStrike highlights successful attempts by the North Korean ‘Labyrinth Chollima’ to intrude trusted software as a delivery mechanism for data stealing malware.
CrowdStrike also issues a warning to democracy as state-sponsored adversaries are highly likely to target critical upcoming elections. Russia, China, and Iran all have motivations to influence and disrupt elections and will likely launch disinformation campaigns that take advantage of geopolitical tensions and conflicts to influence voters and exacerbate societal fractures.
Threat actors are stepping up their use of AI-generated content, including artificial images and video, to spread misinformation on social media. CrowdStrike expects increasing abuse of open-source or publicly available LLMs to continue, rather than threat-actors developing their own home-grown models.
“Over the course of 2023, CrowdStrike observed unprecedented stealthy operations from brazen eCrime groups, sophisticated nation-state actors and hacktivists targeting businesses in every sector spanning the globe,” said Adam Meyers, head of Counter Adversary Operations, CrowdStrike.
“Rapidly evolving adversary tradecraft honed in on both cloud and identity with unheard of speed, while threat groups continued to experiment with new technologies, like GenAI, to increase the success and tempo of their malicious operations.
“To defeat relentless adversaries, organizations must embrace a platform-approach, fueled by threat intelligence and hunting, to protect identity, prioritize cloud protection, and give comprehensive visibility into areas of enterprise risk.”
More from TechRadar Pro
- Technical debt and cloud issues are the biggest barriers to digital transformation for many companies
- These are the best cloud firewalls and best cloud backup services
- Here is our guide to the best endpoint protection software